subdomain problem
Michael Voight
mvoight at cisco.com
Wed Sep 1 19:16:49 UTC 1999
What we are saying it is difficult to help without information.
No one asaid you were stupid. I suggested we didn't have enough
information to see the problem. So, fine, I won't help.
Michael
hoyoung at us.ibm.com wrote:
>
> Please, people... if you want to help, great! Otherwise, don't bother
> insult/abuse us who ask questions. Remember, everyone was once "stupid". I
> don't believe you are the exception of the rules.
>
> Btw, I work on fireware and know and done what you suggested. But rules are
> rules, they aren't made by me and wont' be broken by me, either.
>
> Thanks and appreciate all your help!
> H. D
>
> > Could anyone tell me what I'm missing here?
>
> Incomplete zone information
> ---the crucial and necessary zone info is there
No, it isn't
>
> No named.boot or named.conf info
> ---very basic...not sure even need to look into this. Possitive they are
> correct of no error.
Even postive people make mistakes.
>
> No log messages
> No query results from nslookup or dig
> ---As i said, nslookup result is no ip(x.x.x.x) found and server failed.
OK, server failed is a valid message. But we have no clue about whether
this ip address is the ip address of the auth server.
Was the reverse zone delegated to you?
> No idea if the internic knows who you are
> ---we are absolutely known by the internic....They aren't the only servers and
> domains I manage...I think I know this much...
>
> What actually have you told us except
>
> It doesn't work
> I delegated the reverse domain.
>
> Why are you talking about the reverse domain if you don't care about it?
>
> Plus, for security reasons, you don't want to give us the real names or
> zones. Take it from a professional.. If this is the security that you
> are relying on, DON'T. Real security is done by blocking traffic and/or
> authentication, not by hiding hostnames and addresses.
>
> Michael
>
> hoyoung at us.ibm.com wrote:
> >
> > Could anyone tell me what I'm missing here?
> >
> > Parent domain test.com is on server name.test.com. Server ip is 11.13.x.x
> > Sub domain sub.test.com is on server namesub.test.com. Server ip is
> 11.13.x.x
> >
> > test.com is authoritive for 13.11.IN-ADDR.ARPA and 12.11.IN-ADDR.ARPA I want
> > sub.test.com to be authoritive for 5.12.11.in-addr.arpa. This what I did:
> >
> > a. In 12.11.IN-ADDR.ARPA.zone on name.test.com, I have:
> >
> > 5 IN NS namesub.test.com.
> > 14 IN NS namesub.test.com.
> >
> > b. On namesub.test.com, I have a zone called 5.12.11.in-addr.arpa.zone which
> has
> > the following:
> >
> > $ORIGIN 5.12.11.in-addr.arpa.
> > @ IN SOA namesub.test.com. hoyoung.test.com. (980926 600 400 2592000
> 300
> > 200 )
> > IN NS namesub.test.com.
> > 11 IN PTR .....
> > 12 IN ....
> >
> > ON server namesub.test.com, in etc/hosts, I have 11.13.x.x. and
> > namesub.test.com. In /etc/resolv.conf file, I have domain sub.test.com.
> >
> > I only care about reverse resolution.
> > I can't resolve anything. What's wrong with the configuration?
> >
> > Thanks.
> > btw, the ip ranges and domain names aren't real for security purpose...
> >
> > Hannah Day
More information about the bind-users
mailing list